# Computer Architecture & Low Level Programming

Before we start hacking and writing exploits and finding zerodays, it's essential to fully grasp how computers work if you want to dive deep into binary exploitation, at the end of the day, binary exploitation is low level hacking, if we want to hack in this low level environment, we want to understand it properly, enough about me justifying why we need to learn computer architecture basics, let's go!

We'll segment our mind map into 2 main parts

1. Understanding Computer Architecture
2. Introduction to Assembly Language.

## Understanding Computer Architecture

### What is a Computer Architecture?

Computer architecture is basically how a computer is built and how it actually works, like the blueprint of a high-tech brain with an attitude. It decides how fast your memes load, how smooth your games run, and why your laptop sounds like a jet engine when you open 100 Chrome tabs...

I like to think that computer architecture has 3 main components:

#### **CPU (The Boss)**

* The **CEO of the computer**, making all the big decisions.
* Executes instructions, does math, and tells other parts what to do.
* Has a **Control Unit (the manager)** and an **ALU (the number cruncher).**
* More cores = more power = more tabs before your computer cries.

**Registers – The Brain’s Sticky Notes**

* The **fastest** memory inside the CPU, used to store data that needs to be accessed instantly.
* Examples:
  * **Accumulator (ACC)** – Stores immediate calculations.
  * **Program Counter (PC)** – Keeps track of which instruction is next.
  * **Instruction Register (IR)** – Holds the current instruction.

{% hint style="info" %}
Registers are part of the CPU so they fall under the CPU in our metaphor
{% endhint %}

#### **Memory (The Forgetful Assistant)**

* **RAM (Random Access Memory)** holds data temporarily, like sticky notes that get erased when you turn off your PC.
* **Cache** is like a VIP section for frequently used data, super fast, super small.
* If RAM is full, your PC starts using storage as **"fake RAM" (paging)** and that's when things get painfully slow.

#### **I/O (The Social Butterfly)**

* Everything that lets you **talk to the computer...**keyboard, mouse, screen, USB drives, even your angry keyboard smashes.
* Without this, your computer would be a lonely genius with no way to communicate.

<figure><img src="https://3443333639-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FxpQoWM8joF4VXdlJBNM0%2Fuploads%2FVfeSjOaOTgVlN0WMHVKK%2Fimage.png?alt=media&#x26;token=a89bb767-2224-49da-91dd-c7ea2aa36afb" alt=""><figcaption></figcaption></figure>

The main function of a computer processor is to execute instructions and generate an output. The CPU follows a fundamental cycle consisting of **Fetch, Decode, Execute, and Store**, orchestrated by the **Control Unit (CU)** and **Arithmetic Logic Unit (ALU).**

1. **Fetch:** The **Control Unit (CU)** retrieves an instruction from RAM, which is represented in binary, and transfers it to the CPU.
2. **Decode:** The **CU** interprets the instruction and prepares the necessary components for execution. If the instruction involves calculations or logical operations, the **Arithmetic Logic Unit (ALU)** takes charge.
3. **Execute:** The instruction is carried out, this may involve performing a calculation, moving data, or interacting with hardware components.
4. **Store:** Once execution is complete, the result is stored back in memory for future use.

This cycle repeats continuously, allowing the CPU to process multiple instructions efficiently, ensuring smooth system operation.

{% hint style="info" %}
Quick distinction on types of memory, imagine we're in a buffet:&#x20;

* **Registers** are like a **bite already in your mouth,** immediate access, no delay.
* **Cache** is like **a plate of food right in front of you,** quick to grab, but not as instant.
* **RAM** is like **the buffet itself,** you have to walk over to get more food, which takes time.
  {% endhint %}

All info you'll need to know about the architecture we'll be attacking through our training are covered below :eyes:

{% content-ref url="computer-architecture-and-low-level-programming/x86-64-architecture" %}
[x86-64-architecture](https://l0mb4rd.gitbook.io/pwn/pwn-notes/intro-to-pwn-notes/computer-architecture-and-low-level-programming/x86-64-architecture)
{% endcontent-ref %}

***

## Introduction To Assembly Language

Now that we’ve explored **computer architecture** and how memory is structured in **x86-64**, let’s talk about how we actually **interact with the CPU at a low level**.

Everything a computer does boils down to **instructions,** tiny operations like adding numbers, moving data, or jumping to a different part of a program. These instructions are executed by the **CPU**, but writing them directly in **binary (machine code)** is painful. That’s where **Assembly language** comes in.

* Assembly is a **human-readable version of machine code**.
* It uses **mnemonics** (short, easy-to-remember words) instead of raw binary.
* Each instruction corresponds directly to an operation the CPU can execute.

For example, instead of writing a binary instruction like:

```
10110000 01100001
```

…you can write something **more understandable** in Assembly:

```asmatmel
mov al, 0x61   ; Move the value 0x61 ('a' in ASCII) into register AL
```

Both do the **same thing**, but Assembly is far easier for humans to read.

### **Why Learn Assembly?** 🤯

✅ **Gives you direct control over the CPU** – You see exactly how instructions are executed.\
✅ **Essential for reverse engineering & security** – Hackers and security researchers use Assembly to analyze malware, exploits, and vulnerabilities.\
✅ **Helps in debugging & optimization** – Knowing Assembly helps you understand how compiled programs run at the lowest level.\
✅ **Used in embedded systems & OS development** – Low-level programming is crucial for writing firmware, kernels, and drivers.

{% hint style="info" %}
Since we just discussed **x86-64 architecture**, it makes sense to learn **x86-64 Assembly**, which is the instruction set used by modern Intel and AMD processors.
{% endhint %}

* Assembly works closely with **registers** (tiny storage units inside the CPU).
* It follows the **Fetch-Decode-Execute cycle** we talked about earlier.
* Different architectures (like ARM or RISC-V) have their own Assembly languages, but the concepts remain similar.

### What's Next?

Now that you understand why Assembly is important, let's dive into:\
🔹 **Registers and their role in x86-64 Assembly**\
🔹 **Basic instructions (mov, add, sub, cmp, etc.)**\
🔹 **How Assembly interacts with memory (stack, heap, data segment, etc.)**

Ready to start writing your first Assembly program?

{% content-ref url="computer-architecture-and-low-level-programming/x86-64-assembly" %}
[x86-64-assembly](https://l0mb4rd.gitbook.io/pwn/pwn-notes/intro-to-pwn-notes/computer-architecture-and-low-level-programming/x86-64-assembly)
{% endcontent-ref %}

## The Stack Frame

Before we go further, let’s talk about **stack frames,** they define **how functions work** and **how memory is allocated** for each one.

Why does this matter? Because **most of the attacks we’ll learn** involve **manipulating the stack frame and its registers**. If you understand how it works, you’ll know exactly where to **poke holes and break things**.&#x20;

### Stack Frames, What Are They Exactly?

Every time a function is called, the CPU **creates a stack frame** to store everything the function needs, this includes **local variables, function arguments, return addresses, and saved registers**. When the function ends, the stack frame is **removed**, and execution returns to the caller.

### **How a Stack Frame is Set Up**

When a function is called:

1. **The return address is pushed** onto the stack (this tells the CPU where to go after the function finishes).
2. **The old base pointer (RBP) is saved**, and RBP is updated to mark the start of the new stack frame.
3. **Function arguments and local variables are allocated** within the stack frame.
4. The function **executes**, using registers and stack memory as needed.
5. When the function ends, **RBP is restored, the stack is cleaned up, and execution returns to the caller**.

### Stack Frame Layout

```sql
+-------------------+  
| Function Args     |  <-- Passed by the caller  
+-------------------+  
| Return Address    |  <-- Tells CPU where to go back  
+-------------------+  
| Saved RBP         |  <-- Stores previous frame pointer  
+-------------------+  <-- RBP (Base Pointer)  
| Local Variables   |  <-- Function-specific variables  
+-------------------+  <-- RSP (Stack Pointer)  
```

* **RBP (Base Pointer)** stays fixed to track the stack frame.
* **RSP (Stack Pointer)** moves as values are pushed/popped.

{% hint style="info" %}
This is scratching the surface of how stack frames can be utilized, we'll dive deeper into stack frames in future sessions&#x20;
{% endhint %}

## Epilogue

This isn't the last time we'll visit how computers work, the deeper we dive into pwn the more we dive into computer architecture...

## References

* [GeeksforGeeks](https://www.geeksforgeeks.org/central-processing-unit-cpu/)
* [Dreamhack](https://dreamhack.io/)